With a lot of us now working from home for the majority of the week, it’s a good time to have a think about what equipment we have around us and if it’s fit for long-term use. Here are our top 10 things to consider.Read More
#4 EmailWith email MFA, the one-time password is sent to your email address. From there, you use the OTP (one-time password) to authenticate your account. The issue here is that your password is also usually reset by email. If the malicious actor already knows your email account password or if they have access to your current live session, this leaves your security wide open for your account to be compromised.
#3 SMS authenticationSMS MFA sends you a text with a one-time unique code linked to your account. SMS messages are susceptible to SIM-swap fraud, which has increased by up to 500% in the last five years. We recommend that you do not use SMS MFA if you work in a data sensitive industry or for your own business or personal banking web authentication.
#2 Push NotificationUsing an app such as Duo or Microsoft Azure Authenticator on your phone and receiving push notifications is currently very secure. To further enhance security, you can typically restrict login locations. For example, you could specify UK logins only, blocking all IP addresses from other countries. These apps can also be linked to biometric data, such as Apple Face ID, to ease authentication and add a third or fourth step in the MFA process.
#1 Cryptographic Hardware TokensFIDO enabled tokens provide the strongest method of authentication for your user accounts. Cryptographic keys are stored on secure USB or RFID tokens and must be plugged in or scanned by a near-field scanner (NFC-RFID) to authenticate your user account.Tokens can be integrated with your local directory services network and cloud platform to protect all users and administrative accounts. These systems are time consuming to set up, but once they’re up and running, with direct integration into services such as Windows Hello for Business, they currently provide by far the best protection and ease of use for your data. They also have the advantage of removing the need for passwords among end users. Instead of a password, the user can log in with a simple PIN. No more annoying password change requests for end users, and administrators can sleep in peace knowing that none of the users have passwords such as “LetMeIn2021”!
Wrap UpIt’s important to note that MFA protects against authenticating your user account and that’s it. Once you’re logged in, your systems and session can still be compromised. Having MFA should be only one part of a multi-layered approach to protecting your data and reputation. If you need advice on how to boost your MFA solution or require a security audit, please contact us.
Whether you’re talking to colleagues two floors up, or 200 miles away, Teams is a great collaboration tool. Even the free version can help people communicate and collaborate – either within, or across, organisations. So why should you add Teams Telephony to your package?Read More
A massive congratulations to Harry Gresham on his promotion to Pre-Sales Technical Consultant for Datcom.Read More